[j-nsp] Routing loop with OSPFv3 NSSA and external routes
Tore Anderson
tore at fud.no
Fri Feb 22 04:41:47 EST 2013
* Alex Arseniev
> Looks like R2 has 2 equal-cost Ext routes, both with metric-type 2.
If you're referring to the routes via xe-1/2/0.6 and ae0.0, then perhaps
so but they both go to R1 which is wrong. In any case, the xe-1/2/0.6
link is some old legacy crap that was due for removal anyway, so now I
got rid of it. That simplifies things, but it didn't help. So now the
topology is as follows:
2001:db8::1/128
| (RIPng-advertised)
~
|
[SW1 - ID 192.0.2.40]
| vlan.5
|
| (NSSA area 10.0.0.0)
|
| xe-1/2/0.5
[R2 - ID 192.0.2.4]
| ae0.0
|
| (area 0)
|
| ae0.0
[R1 - ID 192.0.2.5]
> What happens if you redistribute on SW1 with metric-type 1?
No change in behaviour, traffic still starts looping between R1 and R2,
as soon as I include R1 in area 10.0.0.0 by adding ae0.0 as a secondary
interface.
> Also, what do your link metrics look like? Are they BW-related or just 1
> for any link (LAG or single 1/10GE)?
R1/R2 ae0.0 is 20G and R2 xe-1/2/0.5 is 10G. I use reference-bandwidth
10g so all three have a cost of 1.
> Lastly, what happens if R1 has "no-nssa-abr" configured?
I already had that knob set, tried to remove it, no change.
So anyway. The relevant config on SW1 now is as follows:
SW1# show policy-options policy-statement ripng-routes
term 1 {
from protocol ripng;
then {
external {
type 1;
}
accept;
}
}
SW1# show protocols ospf3
export ripng-routes;
reference-bandwidth 10g;
no-rfc-1583;
area 10.0.0.0 {
nssa;
interface lo0.0 {
passive;
}
interface vlan.5;
}
The LS1 originated by SW1 looks as follows:
SW1> show ospf3 database lsa-id 0.0.0.2 advertising-router self extensive
OSPF3 database, Area 10.0.0.0
Type ID Adv Rtr Seq Age Cksum Len
NSSA *0.0.0.2 192.0.2.40 0x8000005f 1202 0x7ff9 44
Prefix 2001:db8::1/128
Prefix-options 0x8, Metric 2, Type 1,
Gen timer 00:17:03
Aging timer 00:39:58
Installed 00:20:02 ago, expires in 00:39:58, sent 00:20:02 ago
Last changed 00:20:02 ago, Change count: 2, Ours
SW1 behaves nice and dandy even when R1 and R2 are looping traffic, no
change in the output above.
Config on R1 when everything works:
R2# show protocols ospf3
reference-bandwidth 10g;
no-rfc-1583;
no-nssa-abr;
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface ae0.0;
}
area 10.0.0.0 {
nssa {
default-lsa default-metric 10;
no-summaries;
}
interface xe-1/2/0.5;
}
R2 receives SW1's LSA just fine:
R2> show ospf3 database advertising-router 192.0.2.40 lsa-id 0.0.0.2 extensive
Area 10.0.0.0
Type ID Adv Rtr Seq Age Cksum Len
NSSA 0.0.0.2 192.0.2.40 0x8000005f 2147 0x7ff9 44
Prefix 2001:db8::1/128
Prefix-options 0x8, Metric 2, Type 1,
Aging timer 00:24:13
Installed 00:35:46 ago, expires in 00:24:13, sent 00:13:06 ago
Last changed 00:35:46 ago, Change count: 2
It's being selected as the active route:
R2> show ospf3 route 2001:db8::1 extensive
Prefix Path Route NH Metric
Type Type Type
2001:db8::1/128 Ext1 Network IP 3
NH-interface xe-1/2/0.5, NH-addr fe80::[SW1 vlan.5]
Area 10.0.0.0, Origin 192.0.2.40, Type 7, P-bit, Fwd NZ, Priority medium
Being the only ABR, R2 also translates the NSSA (type-7) to an external
(type-5) LSA:
R2> show ospf3 database advertising-router self lsa-id 0.0.0.8 external extensive
OSPF3 AS SCOPE link state database
Type ID Adv Rtr Seq Age Cksum Len
Extern *0.0.0.8 192.0.2.4 0x80000001 764 0x5f18 44
Prefix 2001:db8::1/128
Prefix-options 0x0, Metric 2, Type 1,
Gen timer 00:25:09
Aging timer 00:47:16
Installed 00:12:44 ago, expires in 00:47:16, sent 00:12:44 ago
Last changed 00:12:44 ago, Change count: 1, Ours
On R1, relevant config is as follows:
R1> show configuration protocols ospf3
reference-bandwidth 10g;
no-rfc-1583;
no-nssa-abr;
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface ae0.0;
}
R1 receives R2's translated type-5 LSA and uses it:
R1> show ospf3 database advertising-router 192.0.2.4 lsa-id 0.0.0.8 external extensive
OSPF3 AS SCOPE link state database
Type ID Adv Rtr Seq Age Cksum Len
Extern 0.0.0.8 192.0.2.4 0x80000001 992 0x5f18 44
Prefix 2001:db8::1/128
Prefix-options 0x0, Metric 2, Type 1,
Aging timer 00:43:27
Installed 00:16:31 ago, expires in 00:43:28, sent 00:16:31 ago
Last changed 00:16:31 ago, Change count: 1
R1> show ospf3 route 2001:db8::1 extensive
Prefix Path Route NH Metric
Type Type Type
2001:db8::1/128 Ext1 Network IP 3
NH-interface ae0.0, NH-addr fe80::[R2 ae0.0]
Area 0.0.0.0, Origin 192.0.2.4, Fwd NZ, Priority medium
All fine. So if I reproduce the issue by making the following changes:
R1# set protocols ospf3 area 10.0.0.0 nssa
R1# set protocols ospf3 area 10.0.0.0 interface ae0.0 secondary
R2# set protocols ospf3 area 10.0.0.0 interface ae0.0 secondary
At this point, both R1 and R2 see SW1's NSSA LSA:
R1> show ospf3 database advertising-router 192.0.2.40 lsa-id 0.0.0.2 extensive
Area 10.0.0.0
Type ID Adv Rtr Seq Age Cksum Len
NSSA 0.0.0.2 192.0.2.40 0x80000060 1237 0x7dfa 44
Prefix 2001:db8::1/128
Prefix-options 0x8, Metric 2, Type 1,
Aging timer 00:39:22
Installed 00:00:09 ago, expires in 00:39:23
Last changed 00:00:09 ago, Change count: 1
R2> show ospf3 database advertising-router 192.0.2.40 lsa-id 0.0.0.2 extensive
Area 10.0.0.0
Type ID Adv Rtr Seq Age Cksum Len
NSSA 0.0.0.2 192.0.2.40 0x80000060 1241 0x7dfa 44
Prefix 2001:db8::1/128
Prefix-options 0x8, Metric 2, Type 1,
Aging timer 00:39:19
Installed 00:20:38 ago, expires in 00:39:19, sent 00:00:14 ago
Last changed 00:57:45 ago, Change count: 2
R1 has now become an ABR, so it translats the type-7 into type-5:
R1> show ospf3 database advertising-router self lsa-id 0.0.0.7 external extensive
OSPF3 AS SCOPE link state database
Type ID Adv Rtr Seq Age Cksum Len
Extern *0.0.0.7 192.0.2.5 0x80000001 108 0x6314 44
Prefix 2001:db8::1/128
Prefix-options 0x0, Metric 2, Type 1,
Gen timer 00:44:46
Aging timer 00:58:11
Installed 00:01:48 ago, expires in 00:58:12, sent 00:01:48 ago
Last changed 00:01:48 ago, Change count: 1, Ours
Note that R2 does *not* translate the type-7 into type-5 anymore even
though it is still an ABR, only R1 does. This is expected as R1 has a
higher router ID.
R2 also sees R1's translated type-5 LSA:
R2> show ospf3 database advertising-router 192.0.2.5 lsa-id 0.0.0.7 external extensive
OSPF3 AS SCOPE link state database
Type ID Adv Rtr Seq Age Cksum Len
Extern 0.0.0.7 192.0.2.5 0x80000001 188 0x6314 44
Prefix 2001:db8::1/128
Prefix-options 0x0, Metric 2, Type 1,
Aging timer 00:56:52
Installed 00:03:07 ago, expires in 00:56:52, sent 00:03:07 ago
Last changed 00:03:07 ago, Change count: 1
R1 uses the type-7 intra-area LSA when selecting the best route, which I
think is fine:
R1> show ospf3 route 2001:db8::1/128 extensive
Prefix Path Route NH Metric
Type Type Type
2001:db8::1/128 Ext1 Network IP 4
NH-interface ae0.0, NH-addr fe80::[R2 ae0.0]
Area 10.0.0.0, Origin 192.0.2.40, Type 7, P-bit, Fwd NZ, Priority medium
...while R2 uses the translated type-5 LSA originated by R1 as the best
route:
R2> show ospf3 route 2001:db8::1/128 extensive
Prefix Path Route NH Metric
Type Type Type
2001:db8::1/128 Ext1 Network IP 3
NH-interface ae0.0, NH-addr fe80::[R1 ae0.0]
Area 0.0.0.0, Origin 192.0.2.5, Fwd NZ, Priority medium
I think that the fault lies with R2 here. If R2 had ignored the
translated type-5 LSA originated by R1, and instead preferred the
intra-area type-7 LSA originated by SW1 when selecting the best path,
I think everything would have worked just fine. Agreed?
This is what happens with IPv4/OSPv2 at least. Exact same topology here
(except that the I didn't change the RIP route export to Ext1 on SW1),
and R2 *does* choose the type-7 over the type-5 when selecting the best
path:
R2> show ospf route 12.234.67.8 extensive
Topology default Route Table:
Prefix Path Route NH Metric NextHop Nexthop
Type Type Type Interface Address/LSP
12.234.67.8/32 Ext2 Network IP 2 xe-1/2/0.5 [SW1 vlan.5]
area 10.0.0.0, origin 192.0.2.40, type 7, P-bit, fwd NZ, priority medium
R2> show ospf database lsa-id 12.234.67.8 extensive
Area 10.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
NSSA 12.234.67.8 192.0.2.40 0x80000101 922 0x28 0x1d90 36
mask 255.255.255.255
Topology default (ID 0)
Type: 2, Metric: 2, Fwd addr: 192.0.2.40, Tag: 0.0.0.0
Aging timer 00:44:37
Installed 00:15:19 ago, expires in 00:44:38, sent 00:15:17 ago
Last changed 3d 07:40:36 ago, Change count: 1
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 12.234.67.8 192.0.2.5 0x8000001f 2021 0x22 0xb999 36
mask 255.255.255.255
Topology default (ID 0)
Type: 2, Metric: 2, Fwd addr: 192.0.2.40, Tag: 0.0.0.0
Aging timer 00:26:18
Installed 00:33:38 ago, expires in 00:26:19, sent 00:33:36 ago
Last changed 04:13:02 ago, Change count: 3
I guess I'll have to open a ticket...
Best regards,
--
Tore Anderson
More information about the juniper-nsp
mailing list